Lead Analyst, Cybersecurity
Duluth, GA, US
Not everyone can claim to feed the world, but it is part of our every day. Behind everything we do for our farmers, there is one AGCO team making it happen. We are proud to put our curiosity into work, building a better and more sustainable world. Join our extraordinary team today!
We are seeking an experienced Lead Security Operations Analyst to join our Security Operations Center (SOC). This is a hands-on technical leadership role responsible for driving operational excellence across security monitoring, incident detection, response, and threat hunting. In this role, you will serve as a senior escalation point for complex security incidents while providing technical leadership and mentorship to SOC analysts. You will play a critical role in strengthening detection capabilities, improving response outcomes, and advancing automation and maturity within the security operations program. This position is ideal for a senior analyst who enjoys remaining deeply technical while influencing how security operations are performed at scale.
Your Impact
- Lead and oversee 24x7 SOC operations, ensuring consistent monitoring, triage, and response to security events. Serve as the primary escalation point for high-severity and complex security incidents. Coordinate incident response activities across IT, Cloud, Network, Legal, and Business stakeholders. Execute and continually improve incident response playbooks and runbooks. Conduct post-incident reviews to identify gaps, lessons learned, and improvement opportunities.
- Develop, maintain, and optimize SIEM detections and dashboards to improve signal quality and coverage. Build and enhance SOAR playbooks and automations to reduce mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR). Troubleshoot detection failures, false positives/negatives, performance issues, and tool integrations. Contribute to security tooling strategy, rationalization, and roadmap planning.
- Perform proactive threat hunting to identify adversary behavior and emerging risks. Translate threat intelligence and attack techniques into actionable detections. Continuously evaluate SOC processes, tools, and workflows to improve efficiency and effectiveness.
- Advanced incident response and investigation skills across cloud, endpoint, network, and identity environments. Strong detection engineering mindset with the ability to translate threats into high-fidelity alerts. Proficiency in scripting and automation to enhance SOC efficiency.
- Solid understanding of attacker tactics, techniques, and procedures (TTPs) and security frameworks (e.g., MITRE ATT&CK).
Your Experience and Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience). 4–5+ years of progressive experience in security operations, incident response, or detection engineering.
- Experienced in cybersecurity incident response, endpoint security, SOC management, and Linux operating systems. Experience acting as an escalation lead or incident commander for high-severity incidents.
- Progressive experience across cloud, network, endpoint, or identity security domains. Hands-on experience building detections, dashboards, or automations using SIEM and SOAR platforms.
- Strong scripting or automation skills (e.g., Python, PowerShell, Bash). Solid understanding of core security principles such as defense in depth, least privilege, secure defaults, and separation of duties.
- Experience participating in real-world incident response and/or threat hunting activities. Strong communication skills with the ability to explain technical issues to nontechnical stakeholders.
Your Benefits
- Health care and wellness plans
- Dental and vision plans
- Flexible and virtual work options (where available)
- 401(k) Savings Plan with company match
- Employee Stock Purchase Plan offering eligible employees the ability to purchase AGCO stock at a discounted price
- Paid holidays and paid time off
- Health savings and flexible spending accounts
- Reimbursement for continuing education
- Life insurance and other supplemental insurance plans
Your Workplace
As a designated remote role, this position is primarily performed from a home office, except when business needs require an in-person presence.
We value inclusion and recognize the innovation a diverse workforce delivers to our farmers. Through our recruitment efforts, we are committed to building a team that includes a variety of experiences, backgrounds, cultures, and perspectives.
Join us as we bring agriculture into the future and apply now!
AGCO is proud to be an Equal Opportunity Employer. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Nearest Major Market: Atlanta